X.Org Server Hit By Its Latest Batch Of Security Vulnerabilities

Written by Michael Larabel in X.Org on 14 December 2021 at 08:44 AM EST. 53 Comments
X.ORG
Given the age of the X.Org/X11 code-base security issues have become quite frequent. It was nearly a decade ago that the X.Org Server was considered a "security disaster" and a security researcher saying it's even worse than it looks. Today another batch of X.Org Server security vulnerabilities have been made public.

Four more CVEs were made public today around input validation failures in the X.Org Server that could lead to local privilege escalation. This is for cases where the X.Org Server is still running as a privileged process and supporting remote code execution for SSH X forwarding sessions.

The security issues involve out-of-bounds writes with different aspects of the X.Org Server around render, xfices, xext, and record code.
* CVE-2021-4008/ZDI-CAN-14192 SProcRenderCompositeGlyphs out-of-bounds access

The handler for the CompositeGlyphs request of the Render extension does not properly validate the request length leading to out of bounds memory write.

* CVE-2021-4009/ZDI-CAN 14950 SProcXFixesCreatePointerBarrier out-of-bounds access

The handler for the CreatePointerBarrier request of the XFixes extension does not properly validate the request length leading to out of bounds memory write.

* CVE-2021-4010/ZDI-CAN-14951 SProcScreenSaverSuspend out-of-bounds access

The handler for the Suspend request of the Screen Saver extension does not properly validate the request length leading to out of bounds memory write.

* CVE-2021-4011/ZDI-CAN-14952 SwapCreateRegister out-of-bounds access

The handlers for the RecordCreateContext and RecordRegisterClients requests of the Record extension do not properly validate the request length leading to out of bounds memory write.

These latest vulnerabilities were found as part of the Trend Micro Zero Day Initiative. Fixes are pending in X.Org Server Git.

More details via the security advisory.

These security advisories do impact XWayland for which XWayland 21.1.4 saw an update this morning.
53 Comments
Related News
XDC 2023 To Provide Update On AMD HDR For The Steam Deck, Rusticl & Wine Wayland
XWayland 23.2 RC2 Restores An Optimization For Depth 24 Windows
Twitter's New "X" Logo Is Reminding Plenty Of People Around X.Org
XWayland 23.2 RC1 Brings Tearing Control, Resizable Rootful, Emulated Input
X.Org Foundation To Become Part Of The SFC
xf86-video-ati 22.0 Released For Older ATI/AMD GPUs
About The Author
Michael Larabel

Michael Larabel is the principal author of Phoronix.com and founded the site in 2004 with a focus on enriching the Linux hardware experience. Michael has written more than 20,000 articles covering the state of Linux hardware support, Linux performance, graphics drivers, and other topics. Michael is also the lead developer of the Phoronix Test Suite, Phoromatic, and OpenBenchmarking.org automated benchmarking software. He can be followed via Twitter, LinkedIn, or contacted via MichaelLarabel.com.

Popular News This Week
The Maintainer Of The NVIDIA Open-Source "Nouveau" Linux Kernel Driver Resigns
GCC Preparing To Introduce "-fhardened" Security Hardening Option
Ubuntu 23.04 & 22.04.3 Installs Haven't Been Following Their Own Security Best Practices
Intel To Further Collaborate With Red Hat, Canonical & SUSE For Intel-Optimized Linux Distros
SteamOS 3.5 Rolls Out In Preview On The Steam Deck With Many New Features
ReactOS "Open-Source Windows" Shown Running On Valve's Steam Deck
Xfce's Wayland Roadmap Updated
Microsoft Releases A Big Update To Windows Subsystem For Linux, New Experimental Options